Q&A
How does this project differ from MITRE Atlas?
MITRE Atlas is a knowledge resource about attacks that target the creators of AI systems. It covers training data, the training environment, model artifacts and more, all crucial components when building an AI system. By contrast, the AI Agents Attack Matrix is focused on attacks that target the users of an AI system. The focus is on how AI systems interact with the rest of the business environment on behalf of their users. The AI Agents Attack Matrix includes the techniques in MITRE Atlas and more, and is meant to be a community-driven project that is updated on a regular basis as new attack techniques are discovered.
How does this project differ from MITRE ATT&CK?
MITRE ATT&CK is an incredible resource, and one that we have personally used over and over again. We wanted to take a focused approach on AI agents, diverging from MITRE's endpoint-focused approach. Furthermore, we document both attacks observed in the wild and attacks demonstrated by security researchers in the community. We believe that with the fast pace of innovation in AI agents, it's important that we share information about potential attacks as soon as they are discovered to guide mitigation.
How does this project differ from OWASP LLM Top 10?
The OWASP LLM Top 10 is a knowledge resource about common vulnerabilities in applications using GenAI. It helps creators build GenAI applications in a safer way by applying best practices. By contrast, the AI Agents Attack Matrix is focused on the usage of AI agents and on protecting their users. This project takes the perspective of an organization that uses AI agents and would like to defend its users, whether it built the system itself or not.
What is the scope of this project?
Any AI agent with some level of decision making that interacts with and acts on behalf of users. This includes AI agents you can license, such as ChatGPT, GitHub Copilot or Microsoft Copilot; extensions you could build with no-code tools; and custom agents built for your specific use case.